pulumi-snowflake 0.50.3a1710160126__py3-none-any.whl → 1.2.0a1736849992__py3-none-any.whl

pulumi_snowflake/grant_privileges_to_account_role.py

@@ -4,9 +4,14 @@
 
 import copy
 import warnings
+import sys
 import pulumi
 import pulumi.runtime
 from typing import Any, Mapping, Optional, Sequence, Union, overload
+if sys.version_info >= (3, 11):
+    from typing import NotRequired, TypedDict, TypeAlias
+else:
+    from typing_extensions import NotRequired, TypedDict, TypeAlias
 from . import _utilities
 from . import outputs
 from ._inputs import *
@@ -28,19 +33,14 @@ class GrantPrivilegesToAccountRoleArgs:
                  with_grant_option: Optional[pulumi.Input[bool]] = None):
         """
         The set of arguments for constructing a GrantPrivilegesToAccountRole resource.
-        :param pulumi.Input[str] account_role_name: The fully qualified name of the account role to which privileges will be granted.
+        :param pulumi.Input[str] account_role_name: The fully qualified name of the account role to which privileges will be granted. For more information about this resource, see docs.
         :param pulumi.Input[bool] all_privileges: Grant all privileges on the account role.
-        :param pulumi.Input[bool] always_apply: If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is
-               supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to
-               X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every
-               new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions
-               of the config being eventually convergent (producing an empty plan).
         :param pulumi.Input[str] always_apply_trigger: This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
         :param pulumi.Input[bool] on_account: If true, the privileges will be granted on the account.
         :param pulumi.Input['GrantPrivilegesToAccountRoleOnAccountObjectArgs'] on_account_object: Specifies the account object on which privileges will be granted
         :param pulumi.Input['GrantPrivilegesToAccountRoleOnSchemaArgs'] on_schema: Specifies the schema on which privileges will be granted.
         :param pulumi.Input['GrantPrivilegesToAccountRoleOnSchemaObjectArgs'] on_schema_object: Specifies the schema object on which privileges will be granted.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] privileges: The privileges to grant on the account role.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] privileges: The privileges to grant on the account role. This field is case-sensitive; use only upper-case privileges.
         :param pulumi.Input[bool] with_grant_option: Specifies whether the grantee can grant the privileges to other users.
         """
         pulumi.set(__self__, "account_role_name", account_role_name)
@@ -67,7 +67,7 @@ class GrantPrivilegesToAccountRoleArgs:
     @pulumi.getter(name="accountRoleName")
     def account_role_name(self) -> pulumi.Input[str]:
         """
-        The fully qualified name of the account role to which privileges will be granted.
+        The fully qualified name of the account role to which privileges will be granted. For more information about this resource, see docs.
         """
         return pulumi.get(self, "account_role_name")
 
@@ -90,13 +90,6 @@ class GrantPrivilegesToAccountRoleArgs:
     @property
     @pulumi.getter(name="alwaysApply")
     def always_apply(self) -> Optional[pulumi.Input[bool]]:
-        """
-        If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is
-        supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to
-        X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every
-        new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions
-        of the config being eventually convergent (producing an empty plan).
-        """
         return pulumi.get(self, "always_apply")
 
     @always_apply.setter
@@ -167,7 +160,7 @@ class GrantPrivilegesToAccountRoleArgs:
     @pulumi.getter
     def privileges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        The privileges to grant on the account role.
+        The privileges to grant on the account role. This field is case-sensitive; use only upper-case privileges.
         """
         return pulumi.get(self, "privileges")
 
@@ -203,19 +196,14 @@ class _GrantPrivilegesToAccountRoleState:
                  with_grant_option: Optional[pulumi.Input[bool]] = None):
         """
         Input properties used for looking up and filtering GrantPrivilegesToAccountRole resources.
-        :param pulumi.Input[str] account_role_name: The fully qualified name of the account role to which privileges will be granted.
+        :param pulumi.Input[str] account_role_name: The fully qualified name of the account role to which privileges will be granted. For more information about this resource, see docs.
         :param pulumi.Input[bool] all_privileges: Grant all privileges on the account role.
-        :param pulumi.Input[bool] always_apply: If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is
-               supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to
-               X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every
-               new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions
-               of the config being eventually convergent (producing an empty plan).
         :param pulumi.Input[str] always_apply_trigger: This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
         :param pulumi.Input[bool] on_account: If true, the privileges will be granted on the account.
         :param pulumi.Input['GrantPrivilegesToAccountRoleOnAccountObjectArgs'] on_account_object: Specifies the account object on which privileges will be granted
         :param pulumi.Input['GrantPrivilegesToAccountRoleOnSchemaArgs'] on_schema: Specifies the schema on which privileges will be granted.
         :param pulumi.Input['GrantPrivilegesToAccountRoleOnSchemaObjectArgs'] on_schema_object: Specifies the schema object on which privileges will be granted.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] privileges: The privileges to grant on the account role.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] privileges: The privileges to grant on the account role. This field is case-sensitive; use only upper-case privileges.
         :param pulumi.Input[bool] with_grant_option: Specifies whether the grantee can grant the privileges to other users.
         """
         if account_role_name is not None:
@@ -243,7 +231,7 @@ class _GrantPrivilegesToAccountRoleState:
     @pulumi.getter(name="accountRoleName")
     def account_role_name(self) -> Optional[pulumi.Input[str]]:
         """
-        The fully qualified name of the account role to which privileges will be granted.
+        The fully qualified name of the account role to which privileges will be granted. For more information about this resource, see docs.
         """
         return pulumi.get(self, "account_role_name")
 
@@ -266,13 +254,6 @@ class _GrantPrivilegesToAccountRoleState:
     @property
     @pulumi.getter(name="alwaysApply")
     def always_apply(self) -> Optional[pulumi.Input[bool]]:
-        """
-        If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is
-        supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to
-        X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every
-        new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions
-        of the config being eventually convergent (producing an empty plan).
-        """
         return pulumi.get(self, "always_apply")
 
     @always_apply.setter
@@ -343,7 +324,7 @@ class _GrantPrivilegesToAccountRoleState:
     @pulumi.getter
     def privileges(self) -> Optional[pulumi.Input[Sequence[pulumi.Input[str]]]]:
         """
-        The privileges to grant on the account role.
+        The privileges to grant on the account role. This field is case-sensitive; use only upper-case privileges.
         """
         return pulumi.get(self, "privileges")
 
@@ -374,9 +355,9 @@ class GrantPrivilegesToAccountRole(pulumi.CustomResource):
                  always_apply: Optional[pulumi.Input[bool]] = None,
                  always_apply_trigger: Optional[pulumi.Input[str]] = None,
                  on_account: Optional[pulumi.Input[bool]] = None,
-                 on_account_object: Optional[pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnAccountObjectArgs']]] = None,
-                 on_schema: Optional[pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnSchemaArgs']]] = None,
-                 on_schema_object: Optional[pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnSchemaObjectArgs']]] = None,
+                 on_account_object: Optional[pulumi.Input[Union['GrantPrivilegesToAccountRoleOnAccountObjectArgs', 'GrantPrivilegesToAccountRoleOnAccountObjectArgsDict']]] = None,
+                 on_schema: Optional[pulumi.Input[Union['GrantPrivilegesToAccountRoleOnSchemaArgs', 'GrantPrivilegesToAccountRoleOnSchemaArgsDict']]] = None,
+                 on_schema_object: Optional[pulumi.Input[Union['GrantPrivilegesToAccountRoleOnSchemaObjectArgs', 'GrantPrivilegesToAccountRoleOnSchemaObjectArgsDict']]] = None,
                  privileges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  with_grant_option: Optional[pulumi.Input[bool]] = None,
                  __props__=None):
@@ -388,42 +369,37 @@ class GrantPrivilegesToAccountRole(pulumi.CustomResource):
         #### Grant all privileges OnAccountObject (Database)
 
         ```sh
-        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole `"\\"test_db_role\\"|false|false|ALL|OnAccountObject|DATABASE|\\"test_db\\""`
+        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole example '"test_db_role"|false|false|ALL|OnAccountObject|DATABASE|"test_db"'`
         ```
 
         #### Grant list of privileges OnAllSchemasInDatabase
 
         ```sh
-        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole `"\\"test_db_role\\"|false|false|CREATE TAG,CREATE TABLE|OnSchema|OnAllSchemasInDatabase|\\"test_db\\""`
+        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole example '"test_db_role"|false|false|CREATE TAG,CREATE TABLE|OnSchema|OnAllSchemasInDatabase|"test_db"'`
         ```
 
         #### Grant list of privileges on table
 
         ```sh
-        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole \\"test_table\\""`
+        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole example '"test_db_role"|false|false|SELECT,DELETE,INSERT|OnSchemaObject|OnObject|TABLE|"test_db"."test_schema"."test_table"'`
         ```
 
         #### Grant list of privileges OnAll tables in schema
 
         ```sh
-        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole \\"test_schema\\""`
+        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole example '"test_db_role"|false|false|SELECT,DELETE,INSERT|OnSchemaObject|OnAll|TABLES|InSchema|"test_db"."test_schema"'`
         ```
 
         :param str resource_name: The name of the resource.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[str] account_role_name: The fully qualified name of the account role to which privileges will be granted.
+        :param pulumi.Input[str] account_role_name: The fully qualified name of the account role to which privileges will be granted. For more information about this resource, see docs.
         :param pulumi.Input[bool] all_privileges: Grant all privileges on the account role.
-        :param pulumi.Input[bool] always_apply: If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is
-               supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to
-               X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every
-               new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions
-               of the config being eventually convergent (producing an empty plan).
         :param pulumi.Input[str] always_apply_trigger: This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
         :param pulumi.Input[bool] on_account: If true, the privileges will be granted on the account.
-        :param pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnAccountObjectArgs']] on_account_object: Specifies the account object on which privileges will be granted
-        :param pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnSchemaArgs']] on_schema: Specifies the schema on which privileges will be granted.
-        :param pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnSchemaObjectArgs']] on_schema_object: Specifies the schema object on which privileges will be granted.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] privileges: The privileges to grant on the account role.
+        :param pulumi.Input[Union['GrantPrivilegesToAccountRoleOnAccountObjectArgs', 'GrantPrivilegesToAccountRoleOnAccountObjectArgsDict']] on_account_object: Specifies the account object on which privileges will be granted
+        :param pulumi.Input[Union['GrantPrivilegesToAccountRoleOnSchemaArgs', 'GrantPrivilegesToAccountRoleOnSchemaArgsDict']] on_schema: Specifies the schema on which privileges will be granted.
+        :param pulumi.Input[Union['GrantPrivilegesToAccountRoleOnSchemaObjectArgs', 'GrantPrivilegesToAccountRoleOnSchemaObjectArgsDict']] on_schema_object: Specifies the schema object on which privileges will be granted.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] privileges: The privileges to grant on the account role. This field is case-sensitive; use only upper-case privileges.
         :param pulumi.Input[bool] with_grant_option: Specifies whether the grantee can grant the privileges to other users.
         """
         ...
@@ -440,25 +416,25 @@ class GrantPrivilegesToAccountRole(pulumi.CustomResource):
         #### Grant all privileges OnAccountObject (Database)
 
         ```sh
-        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole `"\\"test_db_role\\"|false|false|ALL|OnAccountObject|DATABASE|\\"test_db\\""`
+        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole example '"test_db_role"|false|false|ALL|OnAccountObject|DATABASE|"test_db"'`
         ```
 
         #### Grant list of privileges OnAllSchemasInDatabase
 
         ```sh
-        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole `"\\"test_db_role\\"|false|false|CREATE TAG,CREATE TABLE|OnSchema|OnAllSchemasInDatabase|\\"test_db\\""`
+        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole example '"test_db_role"|false|false|CREATE TAG,CREATE TABLE|OnSchema|OnAllSchemasInDatabase|"test_db"'`
         ```
 
         #### Grant list of privileges on table
 
         ```sh
-        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole \\"test_table\\""`
+        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole example '"test_db_role"|false|false|SELECT,DELETE,INSERT|OnSchemaObject|OnObject|TABLE|"test_db"."test_schema"."test_table"'`
         ```
 
         #### Grant list of privileges OnAll tables in schema
 
         ```sh
-        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole \\"test_schema\\""`
+        $ pulumi import snowflake:index/grantPrivilegesToAccountRole:GrantPrivilegesToAccountRole example '"test_db_role"|false|false|SELECT,DELETE,INSERT|OnSchemaObject|OnAll|TABLES|InSchema|"test_db"."test_schema"'`
         ```
 
         :param str resource_name: The name of the resource.
@@ -481,9 +457,9 @@ class GrantPrivilegesToAccountRole(pulumi.CustomResource):
                  always_apply: Optional[pulumi.Input[bool]] = None,
                  always_apply_trigger: Optional[pulumi.Input[str]] = None,
                  on_account: Optional[pulumi.Input[bool]] = None,
-                 on_account_object: Optional[pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnAccountObjectArgs']]] = None,
-                 on_schema: Optional[pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnSchemaArgs']]] = None,
-                 on_schema_object: Optional[pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnSchemaObjectArgs']]] = None,
+                 on_account_object: Optional[pulumi.Input[Union['GrantPrivilegesToAccountRoleOnAccountObjectArgs', 'GrantPrivilegesToAccountRoleOnAccountObjectArgsDict']]] = None,
+                 on_schema: Optional[pulumi.Input[Union['GrantPrivilegesToAccountRoleOnSchemaArgs', 'GrantPrivilegesToAccountRoleOnSchemaArgsDict']]] = None,
+                 on_schema_object: Optional[pulumi.Input[Union['GrantPrivilegesToAccountRoleOnSchemaObjectArgs', 'GrantPrivilegesToAccountRoleOnSchemaObjectArgsDict']]] = None,
                  privileges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
                  with_grant_option: Optional[pulumi.Input[bool]] = None,
                  __props__=None):
@@ -522,9 +498,9 @@ class GrantPrivilegesToAccountRole(pulumi.CustomResource):
             always_apply: Optional[pulumi.Input[bool]] = None,
             always_apply_trigger: Optional[pulumi.Input[str]] = None,
             on_account: Optional[pulumi.Input[bool]] = None,
-            on_account_object: Optional[pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnAccountObjectArgs']]] = None,
-            on_schema: Optional[pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnSchemaArgs']]] = None,
-            on_schema_object: Optional[pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnSchemaObjectArgs']]] = None,
+            on_account_object: Optional[pulumi.Input[Union['GrantPrivilegesToAccountRoleOnAccountObjectArgs', 'GrantPrivilegesToAccountRoleOnAccountObjectArgsDict']]] = None,
+            on_schema: Optional[pulumi.Input[Union['GrantPrivilegesToAccountRoleOnSchemaArgs', 'GrantPrivilegesToAccountRoleOnSchemaArgsDict']]] = None,
+            on_schema_object: Optional[pulumi.Input[Union['GrantPrivilegesToAccountRoleOnSchemaObjectArgs', 'GrantPrivilegesToAccountRoleOnSchemaObjectArgsDict']]] = None,
             privileges: Optional[pulumi.Input[Sequence[pulumi.Input[str]]]] = None,
             with_grant_option: Optional[pulumi.Input[bool]] = None) -> 'GrantPrivilegesToAccountRole':
         """
@@ -534,19 +510,14 @@ class GrantPrivilegesToAccountRole(pulumi.CustomResource):
         :param str resource_name: The unique name of the resulting resource.
         :param pulumi.Input[str] id: The unique provider ID of the resource to lookup.
         :param pulumi.ResourceOptions opts: Options for the resource.
-        :param pulumi.Input[str] account_role_name: The fully qualified name of the account role to which privileges will be granted.
+        :param pulumi.Input[str] account_role_name: The fully qualified name of the account role to which privileges will be granted. For more information about this resource, see docs.
         :param pulumi.Input[bool] all_privileges: Grant all privileges on the account role.
-        :param pulumi.Input[bool] always_apply: If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is
-               supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to
-               X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every
-               new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions
-               of the config being eventually convergent (producing an empty plan).
         :param pulumi.Input[str] always_apply_trigger: This is a helper field and should not be set. Its main purpose is to help to achieve the functionality described by the always_apply field.
         :param pulumi.Input[bool] on_account: If true, the privileges will be granted on the account.
-        :param pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnAccountObjectArgs']] on_account_object: Specifies the account object on which privileges will be granted
-        :param pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnSchemaArgs']] on_schema: Specifies the schema on which privileges will be granted.
-        :param pulumi.Input[pulumi.InputType['GrantPrivilegesToAccountRoleOnSchemaObjectArgs']] on_schema_object: Specifies the schema object on which privileges will be granted.
-        :param pulumi.Input[Sequence[pulumi.Input[str]]] privileges: The privileges to grant on the account role.
+        :param pulumi.Input[Union['GrantPrivilegesToAccountRoleOnAccountObjectArgs', 'GrantPrivilegesToAccountRoleOnAccountObjectArgsDict']] on_account_object: Specifies the account object on which privileges will be granted
+        :param pulumi.Input[Union['GrantPrivilegesToAccountRoleOnSchemaArgs', 'GrantPrivilegesToAccountRoleOnSchemaArgsDict']] on_schema: Specifies the schema on which privileges will be granted.
+        :param pulumi.Input[Union['GrantPrivilegesToAccountRoleOnSchemaObjectArgs', 'GrantPrivilegesToAccountRoleOnSchemaObjectArgsDict']] on_schema_object: Specifies the schema object on which privileges will be granted.
+        :param pulumi.Input[Sequence[pulumi.Input[str]]] privileges: The privileges to grant on the account role. This field is case-sensitive; use only upper-case privileges.
         :param pulumi.Input[bool] with_grant_option: Specifies whether the grantee can grant the privileges to other users.
         """
         opts = pulumi.ResourceOptions.merge(opts, pulumi.ResourceOptions(id=id))
@@ -569,7 +540,7 @@ class GrantPrivilegesToAccountRole(pulumi.CustomResource):
     @pulumi.getter(name="accountRoleName")
     def account_role_name(self) -> pulumi.Output[str]:
         """
-        The fully qualified name of the account role to which privileges will be granted.
+        The fully qualified name of the account role to which privileges will be granted. For more information about this resource, see docs.
         """
         return pulumi.get(self, "account_role_name")
 
@@ -584,13 +555,6 @@ class GrantPrivilegesToAccountRole(pulumi.CustomResource):
     @property
     @pulumi.getter(name="alwaysApply")
     def always_apply(self) -> pulumi.Output[Optional[bool]]:
-        """
-        If true, the resource will always produce a “plan” and on “apply” it will re-grant defined privileges. It is
-        supposed to be used only in “grant privileges on all X’s in database / schema Y” or “grant all privileges to
-        X” scenarios to make sure that every new object in a given database / schema is granted by the account role and every
-        new privilege is granted to the database role. Important note: this flag is not compliant with the Terraform assumptions
-        of the config being eventually convergent (producing an empty plan).
-        """
         return pulumi.get(self, "always_apply")
 
     @property
@@ -637,7 +601,7 @@ class GrantPrivilegesToAccountRole(pulumi.CustomResource):
     @pulumi.getter
     def privileges(self) -> pulumi.Output[Optional[Sequence[str]]]:
         """
-        The privileges to grant on the account role.
+        The privileges to grant on the account role. This field is case-sensitive; use only upper-case privileges.
         """
         return pulumi.get(self, "privileges")